Wireshark 4.0 Network Analyzer Release

A new stable branch of the Wireshark 4.0 network analyzer has been released. Recall that the project was initially developed under the name Ethereal, but in 2006, because of a dispute with the owner of the Ethereal trademark, the developers were forced to rename the project Wireshark. The project code is distributed under the GPLv2 license.

Key improvements in Wireshark 4.0.0:

  • The layout of elements in the main window has been changed. The Packet Detail and Packet Bytes panels are now side by side below the Packet List panel.
  • The design of the "Conversation" and "Endpoint" dialogs has been changed.
    • Added options to the context menus for resizing all columns and copying elements.
    • The ability to detach and reattach tabs is provided.
    • Added support for export in JSON format.
    • When filters are applied, columns are displayed that show the differences between matched and unfiltered packets.
    • Sorting of the various data types has been changed.
    • Identifiers are attached to TCP and UDP streams, and the ability to filter by them is provided.
    • Dialogs can now be hidden from the context menu.
  • Improved import of hex dumps from the Wireshark interface and with the text2pcap command.
    • text2pcap provides the ability to write dumps in all formats supported by the wiretap library.
    • In text2pcap, pcapng is set as the default format, the same as in the editcap, mergecap and tshark utilities.
    • Added support for selecting the encapsulation type of the output format.
    • Added new logging options.
    • The ability to save dummy IP, TCP, UDP and SCTP headers in the dump is provided when using Raw IP, Raw IPv4 and Raw IPv6 encapsulation.
    • Added support for parsing input files using regular expressions.
    • Functional parity between the text2pcap utility and the "Import from Hex Dump" interface in Wireshark is ensured.
  • The performance of geolocation lookups using MaxMind databases has been significantly improved.
  • Changes have been made to the syntax of traffic filtering rules:
    • Added the ability to select a specific layer of the protocol stack; for example, when encapsulating IP-over-IP, to extract addresses from the outer and nested packets you can specify "ip.addr#1 == 1.1.1.1" and "ip.addr#2 == 1.1.1.2".
    • Conditions now support the "any" and "all" quantifiers, for example "all tcp.port > 1024" to test all tcp.port fields.
    • There is a built-in syntax for specifying field references, ${some.field}, implemented without using macros.
    • Added the ability to use arithmetic operations ("+", "-", "*", "/", "%") with numeric fields, separating the expression with curly braces.
    • Added the max(), min() and abs() functions.
    • Expressions and calls to other functions may be specified as function arguments.
    • Added a new syntax to separate literals from identifiers: a value beginning with a dot is treated as a protocol or protocol field, and a value in angle brackets is treated as a literal.
    • Added the bitwise operator "&"; for example, to test individual bits you can specify "frame[0] & 0x0F == 3".
    • The precedence of the logical AND operator is now higher than that of the OR operator.
    • Added support for specifying constants in binary form using the "0b" prefix.
    • Added the ability to use negative index values to count from the end; for example, to check the last two bytes of the TCP header you can specify "tcp[-2:] == AA:BB".
    • Separating set elements with spaces is prohibited; using spaces instead of commas now results in an error rather than a warning.
    • Added escape sequences: \a, \b, \f, \n, \r, \t, \v.
    • Added the ability to specify Unicode characters in the \uNNNN and \UNNNNNNNN formats.
    • Added a new comparison operator "===" ("all_eq"), which matches only if, in the expression "a === b", all values of "a" match "b". The inverse operator "!==" ("any_ne") has also been added.
    • The "~=" operator is deprecated and "!==" should be used instead.
    • Numbers with a bare dot are prohibited, i.e. the values ".7" and "7." are no longer valid and must be replaced with "0.7" and "7.0".
    • The regular expression engine in the display filter engine has been moved to the PCRE2 library instead of GRegex.
    • Correct handling of null bytes is implemented in regular expression strings and patterns ('\0' in a string is treated as a null byte).
    • In addition to 1 and 0, boolean values can be written as True/TRUE and False/FALSE.
  • The HTTP2 dissector module has added support for using dummy headers to parse data captured without the preceding packets that carry the headers (for example, when parsing messages in an already established gRPC connection).
  • Mesh Connex (MCX) support has been added to the IEEE 802.11 parser.
  • Temporary storage (without saving to disk) of the password in the Extcap dialog is provided, so that it does not have to be entered again on repeated launches. Added the ability to set the extcap password through command-line utilities such as tshark.
  • The ciscodump utility implements the ability to capture remotely from devices based on IOS, IOS-XE and ASA.
  • Added protocol support:
    • Allied Telesis Loop Detection (AT LDF),
    • AUTOSAR I-PDU Multiplexer (AUTOSAR I-PduM),
    • DTN Bundle Protocol Security (BPSec),
    • DTN Bundle Protocol Version 7 (BPv7),
    • DTN TCP Convergence Layer Protocol (TCPCL),
    • DVB Selection Information Table (DVB SIT),
    • Enhanced Cash Trading Interface 10.0 (XTI),
    • Enhanced Order Book Interface 10.0 (EOBI),
    • Enhanced Trading Interface 10.0 (ETI),
    • FiveCo's Legacy Register Access Protocol (5co-legacy),
    • Generic Data Transfer Protocol (GDT),
    • gRPC Web (gRPC-Web),
    • Host IP Configuration Protocol (HICP),
    • Huawei GRE bonding (GREbond),
    • Locamation Interface Module (IDENT, CALIBRATION, SAMPLES - IM1, SAMPLES - IM2R0),
    • Mesh Connex (MCX),
    • Microsoft Cluster Remote Control Protocol (RCP),
    • Open Control Protocol for OCA/AES70 (OCP.1),
    • Protected Extensible Authentication Protocol (PEAP),
    • REdis Serialization Protocol v2 (RESP),
    • Roon Discovery (RoonDisco),
    • Secure File Transfer Protocol (sftp),
    • Secure Host IP Configuration Protocol (SHICP),
    • SSH File Transfer Protocol (SFTP),
    • USB Attached SCSI (UASP),
    • ZBOSS Network Coprocessor (ZB NCP).
  • Increased requirements for the build environment (CMake 3.10) and dependencies (GLib 2.50.0, Libgcrypt 1.8.0, Python 3.6.0, GnuTLS 3.5.8).
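
An added example, not from the original article or the Wireshark project: a small Python linter that flags saved display filters touched by the filter syntax changes listed above (the deprecated "~=", bare-dot numbers, space-separated sets, and AND/OR mixed without parentheses). The regexes are heuristics rather than a display filter parser, and the finding names and sample filters are constructed for illustration.

```python
import re

STRING = re.compile(r'"(?:\\.|[^"\\])*"')            # double-quoted literals
BARE_DOT = re.compile(r"(?<![\w.])\.\d+\b|(?<![\w.:])\d+\.(?![\w.])")
IN_SET = re.compile(r"\bin\s*\{([^{}]*)\}", re.I)     # membership sets only
LOGIC = re.compile(r"\(|\)|&&|\|\||\band\b|\bor\b", re.I)


def mixes_and_or(expr):
    """True if AND and OR appear at the same parenthesis level."""
    stack = [set()]
    for tok in LOGIC.findall(expr):
        tok = tok.lower()
        if tok == "(":
            stack.append(set())
        elif tok == ")":
            if len(stack) > 1 and len(stack.pop()) == 2:
                return True
        else:
            stack[-1].add("and" if tok in ("and", "&&") else "or")
    return any(len(ops) == 2 for ops in stack)


def lint(filter_text):
    """Return sorted finding codes for one saved display filter."""
    expr = STRING.sub('""', filter_text)       # ignore string contents
    findings = set()
    if "~=" in expr:                            # deprecated: use "!=="
        findings.add("deprecated-op")
    if BARE_DOT.search(expr):                   # ".7" / "7." -> "0.7" / "7.0"
        findings.add("bare-dot-number")
    for body in IN_SET.findall(expr):
        body = re.sub(r"\s*\.\.\s*", "..", body)  # assumption: keep "a .. b" ranges whole
        if any(re.search(r"\S\s+\S", item) for item in body.split(",")):
            findings.add("space-separated-set")  # now an error, not a warning
    if mixes_and_or(expr):                      # AND now binds tighter than OR
        findings.add("and-or-precedence")
    return sorted(findings)


# Constructed sample filters, not taken from any real rule set.
SAMPLES = [
    "tcp.port in {80 443} and frame.time_delta > .7",
    "ip.src == 10.0.0.1 or ip.dst == 10.0.0.1 and tcp.flags.syn ~= 1",
    "(tcp.port == 80 or tcp.port == 443) and tcp[-2:] == AA:BB",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(lint(sample), "<-", sample)
```

A filter flagged with "and-or-precedence" should be given explicit parentheses so that its meaning does not depend on the Wireshark version evaluating it.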

Source: opennet.ru
